NIDS may not protect against identity theft, says Multilink operator
OWNERS and operators of the Multilink network, Jamaica Electronic Transfer Services (JETS) has cautioned that while the structure of the proposed National Identification System (NIDS) seems safe, practically, it may not be able to prevent identity theft.
In a submission to the joint select committee which is now considering the 2020 National Identification Registration Act (NIRA) Wednesday, chief executive officer of JETS, Edmundo Jenez pointed out that while its (provision) is clear in its intent, the ‘validation of identity to counteract identity theft’, “I think, would be a better statement in that objective [as] prevention of identity theft may not be totally possible as described in the bill”.
The Bill, originally drafted in 2017 but returned to the drawing board after being nullified by the Supreme Court in its entirety in 2019, sets out among its eight main objectives the prevention of identity theft and other instances of fraud with respect to identity information.Jenez noted that although key features of the NIDS database will be security and encryption, neither is defined and advised that cybersecurity should be added for protection from electronic attacks via viruses, ransomware or other malware. He said this is important, considering the pending enactment of the Data Protection Act.
Furthermore, Jenez suggested that it may be limiting the system to have only numerical characters representing national identification numbers. He said alphanumerical numbers should also be considered as this would be more expansive and precise in terms of each individual’s unique information. The company also noted its concerns about making failure to identify the loss of a national identification card an offence, as set out in the Bill.
“Failure to report a lost or missing card could make persons in the country offenders; misuse of the card should be considered an offence,” Jenez said, adding that the company was also suggesting a shorter period of validity for the cards of five years instead of 15 years.
He said also that the National Database Inspectorate, which will provide oversight for the NIDS Authority, should be subject to audit and review.
“The matter of funding and management of the inspectorate is not explicit. It is only said that it would be funded by the NIDS Authority, which presents a potential conflict in that the authority funding itself is one issue [but] funding its own review entity could produce some conflicts as to who controls that process. So, the value of the inspectorate to ensure consumer confidence may be eroded if the inspectorate is poorly funded or not able to make regular reports,” he explained.
JETS is also of the view that compensation of the staff of the inspectorate should be better outlined and pegged to a Government of Jamaica salary scale, which is publicly disclosed, rather than being determined by the Ministry of Finance.
Jenez, in the meantime, said NIDS was valuable to financial services in validating identity, particularly given the costs and delays related to verifying customers’ identities.
The revised Bill is intended to provide reliable verification and authentication of identity information for Jamaican citizens and residents in order to strengthen identity security, cybersecurity, and reduce bureaucracy. The legislation proposes to, among other objectives, establish a National Identification and Registration Authority and databases comprising civil registration data collected by the Registrar General’s Department; provide for the issuance and use of a unique National Identification Number to be assigned to each enrolled individual, and the issuance of a national identification card.
Now you can read the Jamaica Observer ePaper anytime, anywhere. The Jamaica Observer ePaper is available to you at home or at work, and is the same edition as the printed copy available at https://bit.ly/epaper-login